package com.cloud.xtools.common.config;

import com.cloud.xtools.common.filter.SecurityAuthenticationFilter;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import java.util.ArrayList;
import java.util.List;

/**
 * @author Daixinguo
 */
@Configuration
@RequiredArgsConstructor
public class SecurityConfig {

    private final SecurityAuthenticationFilter securityAuthenticationFilter;

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        List<String> list = new ArrayList<>();
        http
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests((authorize) -> authorize
                        // .requestMatchers("/api/admin/register").permitAll()
                        // // .requestMatchers("/api/admin/login").permitAll()
                        // .requestMatchers("/api/user/register").permitAll()
                        // .requestMatchers("/api/user/login").permitAll()
                        // .anyRequest().authenticated()
                        // 全部放开，登录认证拦截完全由 jwtAuthenticationFilter 控制
                        .anyRequest().permitAll()
                )
                .addFilterBefore(securityAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
                // .formLogin(AbstractHttpConfigurer::disable)
                // .httpBasic(AbstractHttpConfigurer::disable);

        return http.build();
    }
}
